Chapter 32 Dos Attack Prevention Commands - D-Link xStack Reference Manual
Dgs-3620 series layer 3 managed stackable gigabit switch
Hide thumbs
Also See for xStack:
- Reference manual (1109 pages) ,
- User manual (357 pages) ,
- Hardware installation manual (71 pages)
Table of Contents
Advertisement
xStack® DGS-3620 Series Layer 3 Managed Stackable Gigabit Switch CLI Reference Guide
Chapter 32
config dos_prevention dos_type [{land_attack | blat_attack | tcp_null_scan | tcp_xmasscan |
tcp_synfin | tcp_syn_srcport_less_1024 | ping_death_attack | tcp_tiny_frag_attack} | all]
{action [drop] | state [enable | disable]}(1)
config dos_prevention log [enable | disable]
config dos_prevention trap [enable | disable]
show dos_prevention {land_attack | blat_attack | tcp_null_scan | tcp_xmasscan | tcp_synfin |
tcp_syn_srcport_less_1024 | ping_death_attack | tcp_tiny_frag_attack}
32-1
config dos_prevention dos_type
Description
This command is used to configure the prevention of each DoS attacks. The packet matching will
be done by hardware. For a specific type of attack, the content of the packet will be matched
against a specific pattern.
Format
config dos_prevention dos_type [{land_attack | blat_attack | tcp_null_scan | tcp_xmasscan
| tcp_synfin | tcp_syn_srcport_less_1024 | ping_death_attack | tcp_tiny_frag_attack} | all]
{action [drop] | state [enable | disable]}(1)
Parameters
land_attack - (Optional) Specifies that the DoS attack prevention type will be set to prevent
LAND attacks.
blat_attack - (Optional) Specifies that the DoS attack prevention type will be set to prevent BLAT
attacks.
tcp_null_scan - (Optional) Specifies that the DoS attack prevention type will be set to prevent
TCP Null Scan attacks.
tcp_xmasscan - (Optional) Specifies that the DoS attack prevention type will be set to prevent
TCP Xmas Scan attacks.
tcp_synfin - (Optional) Specifies that the DoS attack prevention type will be set to prevent TCP
SYN FIN attacks.
tcp_syn_srcport_less_1024 - (Optional) Specifies that the DoS attack prevention type will be
set to prevent TCP SYN Source Port Less 1024 attacks.
ping_death_attack - (Optional) Specifies that the DoS attack prevention type will be set to
prevent Ping of Death attacks.
tcp_tiny_frag_attack - (Optional) Specifies that the DoS attack prevention type will be set to
prevent TCP Tiny Frag attacks.
all - Specifies that the DoS attack prevention type will be set to prevent all attacks.
action - (Optional) Specifies the action that the DoS Prevention function will take.
drop - Specifies to drop all matched DoS attack packets.
state - (Optional) Specifies the DoS Attack Prevention state.
enable - Specifies that the DoS Attack Prevention state will be enabled.
disable - Specifies that the DoS Attack Prevention state will be disabled.
DoS Attack
Prevention Commands
471
Advertisement
Chapters
Table of Contents
